<?php
session_start();
include("load-settings.php");

if (!isset($_SESSION['user']))
    header("Location: login.php");

$user = $_SESSION['user'];

$result = mysql_query("SELECT * FROM user WHERE id = $user");
$row = mysql_fetch_array($result);
$access = $row['type'];

if ($access != 2)
    header("Location: home.php");

if (isset($_POST['approve'])) {
    $id_arr = $_POST['id_del'];
    if (count($id_arr) > 0) {
        foreach ($id_arr as $order) {
            $result = mysql_query("SELECT * FROM order_record WHERE id = $order") or die(mysql_error());

            if (mysql_num_rows($result) == 0) {
                header("Location: verify-orders.php");
            }

            $row = mysql_fetch_array($result);

            mysql_query("UPDATE order_record SET verified_complete = 1 WHERE id = $order");

            $order_result = mysql_query("SELECT * FROM order_record WHERE id = $order");
            $order_row = mysql_fetch_array($order_result);

            $boosterArray = array();

            $total_wins = 0;

            $booster_result = mysql_query("SELECT * FROM booster_order WHERE order_record = $order ORDER BY timestamp DESC LIMIT 1");

            while ($booster_row = mysql_fetch_array($booster_result)) {
                $total_wins += $booster_row['wins'];
                $booster_row['difference'] = $booster_row['wins'] - $booster_row['losses'];
                array_push($boosterArray, $booster_row);
                $boost_id = $booster_row['id'];
            }

            $admin_payment = $order_row['payout'] * ($admin_percent / 100);

            $x = 0;

            while (isset($boosterArray[$x])) {
                if ($total_wins > 0) {
                    //$booster_payment = $order_row['booster_payout'] * ($boosterArray[$x]['difference']/$total_wins);

                    $booster_result = mysql_query("SELECT * FROM user WHERE id = " . $boosterArray[$x]['booster']);
                    $booster_row = mysql_fetch_array($booster_result);
                    $booster = $booster_row['id'];
                    $booster_paypal = $booster_row['paypal'];
                    $booster_note = $booster_row['username'];


                } else {
                    //$booster_payment = 0;
                    $booster_result = mysql_query("SELECT * FROM user WHERE id = " . $boosterArray[$x]['booster']);
                    $booster_row = mysql_fetch_array($booster_result);
                    $booster = $booster_row['id'];
                    $booster_paypal = $booster_row['paypal'];
                    $booster_note = $booster_row['username'];
                }

                $booster_payment = $order_row['booster_payout'];

                //if($booster_payment > 0)
                //{
                mysql_query("INSERT INTO payment (user, amount, paypal, timestamp, identifier, booster_order) VALUES ($booster, $booster_payment, '$booster_paypal', " . time() . ", '$booster_note', $order)") or die(mysql_error());
                //}

                $x++;
            }

            $admin_result = mysql_query("SELECT * FROM user WHERE paypal = '$admin_paypal'");
            $admin_row = mysql_fetch_array($admin_result);
            $admin = $admin_row['id'];
            $admin_note = "admin";

            if ($admin_payments == "On") {
                mysql_query("INSERT INTO payment (user, amount, paypal, timestamp) VALUES ($admin, $admin_payment, '$admin_paypal', " . time() . ", '$admin_note')");
            }

            $result = mysql_query("SELECT * FROM user WHERE id = " . $order_row['user']);
            $row = mysql_fetch_array($result);
            $to = $row['paypal'];
            $subject = 'Order complete';
            $message = str_replace('\n', '\r\n', $order_complete_message);
            $headers = 'From: Admin@VeteranBoosters.com' . "\r\n" .
                'Reply-To: Admin@VeteranBoosters.com' . "\r\n" .
                'X-Mailer: PHP/' . phpversion();

            mail($to, $subject, $message, $headers);

            $order_complete_message = mysql_real_escape_string($order_complete_message);
            mysql_query("INSERT INTO order_chat (user, timestamp, message, order_record) VALUES (4, " . time() . ", '$order_complete_message', $order)") or die(mysql_error());

            mysql_query("UPDATE booster_order SET active = 0 WHERE order_record = $order");
        }
        header("Location: verify-orders.php");

    }
}
if (isset($_GET['order'])) {
    $order = mysql_real_escape_string($_GET['order']);

    $result = mysql_query("SELECT * FROM order_record WHERE id = $order") or die(mysql_error());

    if (mysql_num_rows($result) == 0) {
        header("Location: verify-orders.php");
    }

    $row = mysql_fetch_array($result);

    mysql_query("UPDATE order_record SET verified_complete = 1 WHERE id = $order");

    $order_result = mysql_query("SELECT * FROM order_record WHERE id = $order");
    $order_row = mysql_fetch_array($order_result);

    $boosterArray = array();

    $total_wins = 0;

    $booster_result = mysql_query("SELECT * FROM booster_order WHERE order_record = $order ORDER BY timestamp DESC LIMIT 1");

    while ($booster_row = mysql_fetch_array($booster_result)) {
        $total_wins += $booster_row['wins'];
        $booster_row['difference'] = $booster_row['wins'] - $booster_row['losses'];
        array_push($boosterArray, $booster_row);
        $boost_id = $booster_row['id'];
    }

    $admin_payment = $order_row['payout'] * ($admin_percent / 100);

    $x = 0;

    while (isset($boosterArray[$x])) {
        if ($total_wins > 0) {
            //$booster_payment = $order_row['booster_payout'] * ($boosterArray[$x]['difference']/$total_wins);

            $booster_result = mysql_query("SELECT * FROM user WHERE id = " . $boosterArray[$x]['booster']);
            $booster_row = mysql_fetch_array($booster_result);
            $booster = $booster_row['id'];
            $booster_paypal = $booster_row['paypal'];
            $booster_note = $booster_row['username'];


        } else {
            //$booster_payment = 0;
            $booster_result = mysql_query("SELECT * FROM user WHERE id = " . $boosterArray[$x]['booster']);
            $booster_row = mysql_fetch_array($booster_result);
            $booster = $booster_row['id'];
            $booster_paypal = $booster_row['paypal'];
            $booster_note = $booster_row['username'];
        }

        $booster_payment = $order_row['booster_payout'];

        //if($booster_payment > 0)
        //{
        mysql_query("INSERT INTO payment (user, amount, paypal, timestamp, identifier, booster_order) VALUES ($booster, $booster_payment, '$booster_paypal', " . time() . ", '$booster_note', $order)") or die(mysql_error());
        //}

        $x++;
    }

    $admin_result = mysql_query("SELECT * FROM user WHERE paypal = '$admin_paypal'");
    $admin_row = mysql_fetch_array($admin_result);
    $admin = $admin_row['id'];
    $admin_note = "admin";

    if ($admin_payments == "On") {
        mysql_query("INSERT INTO payment (user, amount, paypal, timestamp) VALUES ($admin, $admin_payment, '$admin_paypal', " . time() . ", '$admin_note')");
    }

    $result = mysql_query("SELECT * FROM user WHERE id = " . $order_row['user']);
    $row = mysql_fetch_array($result);
    $to = $row['paypal'];
    $subject = 'Order complete';
    $message = str_replace('\n', '\r\n', $order_complete_message);
    $headers = 'From: Admin@VeteranBoosters.com' . "\r\n" .
        'Reply-To: Admin@VeteranBoosters.com' . "\r\n" .
        'X-Mailer: PHP/' . phpversion();

    mail($to, $subject, $message, $headers);

    $order_complete_message = mysql_real_escape_string($order_complete_message);
    mysql_query("INSERT INTO order_chat (user, timestamp, message, order_record) VALUES (4, " . time() . ", '$order_complete_message', $order)") or die(mysql_error());

    mysql_query("UPDATE booster_order SET active = 0 WHERE order_record = $order");

    header("Location: verify-orders.php");
} else {
    header("Location: verify-orders.php");
}
?>